All Products

Did you know that there are more than 53 million WordPress sites in the world? This makes WordPress more popular than Blogger, Drupal, or Microsoft SharePoint. It also means that it is a big target for hackers.

“WordPress is used by 54.3% of all the websites whose content management system we know. This is 17.0% of all websites.”

Although WordPress is known for its stability and security, the open-source community is taking serious measures to fix any vulnerabilities that crop up. Developers are constantly providing new tips on how to protect WordPress sites against attacks that could disrupt online browsing (and even e-commerce transactions).

Protect wp-config.php

“Wp-config.php is one of the most important files in your WordPress blog,” said blogging site, DesignWoop.

“This file contains some of the very important administrator credentials that can help a hacker gain access to your WordPress database.”

DesignWoop suggests pasting the following lines into your. htaccess file. This file is located at the root of your WordPress install:

Options +FollowSymLinks

RewriteEngine On

RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]

RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]

RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})

RewriteRule ^(.*)$ index.php [F,L]

However, remember to make a backup of your .htaccess file before editing. This will allow you to roll back any changes if you encounter problems along the way.

Create Unpredictable Credentials

The default WordPress installation includes an administrator user account with the name, “admin.” Hackers will try to login into this account and guess passwords.

The admin username cannot be changed. However, if WordPress is installed from cPanel’s Softaculous, the username and password can be altered. Most reliable web hosting companies, including Midphase, offer this feature.

Another option is to log into WordPress and create an unpredictable name and assign administrator privileges to this user and delete the former.

“As for choosing the new user name, make sure that it is not similar to the name you display publicly on your blog,” said Daniel Scocco, Daily Blog Tips.

“If you sign your posts as John Doe, for instance, naming the administrator user as “john” or “johndoe” wouldn’t help. You need something that others won’t be able to guess easily.”

Install Security Plugins

Hackers often rely on automated scripts to take control of the website. These scripts can take numerous attempts to log in to the website’s administration page. They can try thousands of combinations until they have the complete control.

“Better WP Security takes the best WordPress security features and techniques and combines them in a single plugin thereby ensuring that as many security holes as possible are patched without having to worry about conflicting features or the possibility of missing anything on your site.”

A longer password, mixed with letter, numbers and symbols will take hackers a longer time to execute a brute-force attack.

These are just a few things you can do to more tightly secure your WordPress blog. Also contact your hosting company for additional tips and advice on how to protect your WordPress install.

This article was brought to you by Midphase, for shared hosting, cloud servers and 24/7 support visit our site here www.midphase.com

Stop blending in with the rest of the crowd and start leaving your mark on the web

ABOUT MIDPHASE HOSTING SERVICES

Since our inception in 1998, we have worked tirelessly to perfect the art of web hosting. From our robust infrastructure to our highly skilled employees we have built a reputation for delivering when it matters most.